Stories
Slash Boxes
Comments

SoylentNews is people

Hardware Attack Exposes nRF52 Debugger

posted by Fnord666 on Friday July 17 2020, @01:27PM   Printer-friendly
from the debugging-for-fun-and-profit dept.

MrPlow writes:

Submitted via IRC for boru.

https://www.infoq.com/news/2020/07/nRF52-debug-resurrect/:

A recent hardware attack on the Nordic nRF52 chip uses local access to gain chip-level debugging capabilities that persist in silicon, unpatchable in software. Nordic has confirmed the issue and encouraged device manufacturers to detect openings of the enclosure, as the chip is not hardened against fault injection.

This chip is used in so many bluetooth products. Might be fun to go wardriving and find some and see if any have accessible SWD pins.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Hardware Attack Exposes nRF52 Debugger | Log In/Create an Account | Top | 29 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Funny) by VLM on Friday July 17 2020, @05:26PM (3 children)

    by VLM (445) on Friday July 17 2020, @05:26PM (#1022973)

    I would imagine its more fun to pown someone's BT keyboard to obtain all their passwords and login information, than to pown their remotely controlled vibrator or doorbell. Although it would be funny to cross connect the two if you pown them both. "I don't know why my wife leaps off the couch every time a door to door salesman comes by, but its interesting to observe"

    Starting Score:    1  point
    Moderation   +2  
       Funny=2, Total=2
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 2) by DannyB on Friday July 17 2020, @06:09PM (2 children)

    by DannyB (5839) Subscriber Badge on Friday July 17 2020, @06:09PM (#1022991) Journal

    Many of these bluetooth doorbells also capture video. Suppose porch pirates could jam the video or replace it with goatse videos or Trump speech videos.

    It might not be necessary to PWN a bluetooth device. I don't know the feasibility of this, but suppose it were possible to passively capture encrypted bluetooth traffic. Now you don't have to "hack" their keyboard, just be able to determine the encryption parameters (if any). You could capture doorbell videos.

    Imagine if you could inject the audio of your choosing (but not Justin Bieber) into people's music headphones or telephone headsets. Or simply record their conversations.

    The other thing this chip is used in is NFC. Potential implications for payments or payment systems or terminals?

    I don't want to sound like the end is coming, but the election is only a hundred some odd days away.

    --
    The lower I set my standards the more accomplishments I have.

    • (Score: 1) by redneckmother on Saturday July 18 2020, @02:15AM

      by redneckmother (3597) on Saturday July 18 2020, @02:15AM (#1023190)

      goatse videos or Trump speech videos

      Pass the brainbleach, please.

      --
      Mas cerveza por favor.

    • (Score: 2) by VLM on Saturday July 18 2020, @06:07PM

      by VLM (445) on Saturday July 18 2020, @06:07PM (#1023441)

      The other thing this chip is used in is NFC. Potential implications for payments or payment systems or terminals?

      Yeah physical security door locks too. Interesting.